How serious are the Intel / Meltdown / Spectre flaws?
We’re only a few days into 2018, and already we have a cyber-security panic on our hands. Predictions that the year ahead would be full of more of the same cyber-pandemics we had in 2017 look like they might swiftly be proving accurate!
So, only a couple of days after the discovery of these issues, which affect all Intel chips and a myriad of other products to boot, including all Apple devices, should you be worried about the security of your business?
Simple answer: No.
Longer answer: No more than you were the day before.
Fundamentally, the flaws we are talking about allow attackers who have managed to run programs (also known as “executing code”) on your computer to gain more access to it than they otherwise should have.
The key element here though (blink and you’ll have missed it) is that they are ALREADY RUNNING PROGRAMS ON YOUR COMPUTER! Once an attacker has reached this stage it’s normally game-over for you anyway. From this position their possibilities are endless, from logging your keystrokes and getting your passwords, to sending and reading emails on your behalf; running programs on your computer for all intents and purposes means you have already been breached.
It’s a bit like if you owned a castle, and you just found out the lock to the treasure room was broken. Someone will still have to climb over the walls (infect your computer), and make it past the guards (antivirus). Both of which are possible, but by no means trivial. The weakness here is that the final step that should prevent them breaking into the treasure room (essentially the superuser account on your computer) has a flaw that shouldn’t be there, making the overall heist slightly easier than it might otherwise have been.
Of course, we’re not saying you shouldn’t patch this issue; nobody wants a treasure room with no lock on the door. In fact, if you’re a bank, secret government agency, or you’re processing credit cards or hugely sensitive personal information, you might want to consider how quickly you can get these patches deployed. For anyone else though, our advice is to include these patches as part of your regular process (i.e. once a month for cloud servers, or automatically with desktop system updates). And most importantly, don’t panic!
Chris Wallis is the Founder of Intruder. Intruder’s mission is to help companies understand the reality of the cyber threats they face, helping them panic less and react more effectively.